This passes an --extension-tag to flatpak build-init which will
set the "tag" option on the ExtensionOf section in the metadata.
Closes: #126
Approved by: alexlarsson
This isn't really right, as install doesn't handle an empty subpath
like that. In fact, doing so will break exports.
Closes: #124
Approved by: alexlarsson
This is similar to inherit-extensions, but the extensions
are not also inherited into the platform when it is created.
Closes: #121
Approved by: alexlarsson
This is useful for example if you're using a sdk-extension that
is supposed to override some binaries from /usr/bin.
Closes: #119
Approved by: alexlarsson
This makes sure that ccache is disabled if you don't enable
it on the commandline. This makes sense, because we don't
have any persistant location for the ccache files anyway.
Additionally this is done to work around a race condition initializing
~/.ccache/ccache.conf that causes meson builds to error out.
Closes: #118
Approved by: alexlarsson
This allows you to run --install-from-deps=foo -y to always install all
dependencies. Useful for auto-builders like flathub.
Closes: #107
Approved by: mwleeds
This allows us to be run from inside of a flatpak application and
successfully build by proxying the flatpak commands to the host.
Closes: #100
Approved by: alexlarsson
This allows us to pass it through in the case we're running in the same
pid namespace as the flatpak-builder process.
Closes: #100
Approved by: alexlarsson
If we do not clear the FDList before entering the main loop, the splice
async command may not complete because the pipe fd is still held. This
fixes an issue where builder_maybe_host_spawnv() hangs indefinitely when
run inside a Flatpak application.
Closes: #100
Approved by: alexlarsson
This way, if anything fails during the initial pull we can remove it
and not be confused by a partial repo on the next run.
Closes: #98
Approved by: alexlarsson
If there were no change we didn't export and there might be nothing
to install, so print a notice that we're ignoring the install.
Closes: #85
Approved by: alexlarsson
This allows you to build and install the result in a single operation.
If a --repo is given the app is installed from there, otherwise we
build-export it to the flatpak-builder cache repo, which already has
all the objects that are needed in it, so this will not increase
disk-use.
Closes: #81
Approved by: alexlarsson
This means we can build without xattrs
This only affects new caches, old ones will work fine with the
bare-user repo though.
Closes: #80
Approved by: alexlarsson
This stores the cache in the canonical format (i.e. uid/gid 0 and no
weird permissions). This has two advantages, first of all it matches
what flatpak build-export will produce, so diff:ing with the final
result will make things easier to read, shared repos will be smaller,
etc. Secondly, it will allow us to switch to bare-user-only mode which
means we don't need/use xattrs for the build filesystem.
Note: We bump the cache format as the cache will change affecting
e.g. ostree diff between different cachepoints, so this will rebuild
everything once.
Closes: #80
Approved by: alexlarsson
We used to have a hack where we used a bare-user cache
and a non-user-mode checkout to force a copy. But these
days ostree has a force_copy mode, so lets just use that.
This doesn't really change anything for now, but it will allow
us later to canonicalize the uid/gid in the cache without then
failing to check out due to permission issues.
Closes: #80
Approved by: alexlarsson
This allows inclusion of sources from an external json source similar
to how we do it for modules.
For example, you can use:
"sources": [
{
"type": "shell",
"commands": [ "echo BEFORE include" ]
},
"include.json",
{
"type": "shell",
"commands": [ "echo AFTER include" ]
}
]
with include.json containing:
[
{
"type": "shell",
"commands": [ "echo Shell 1" ]
},
{
"type": "shell",
"commands": [ "echo Shell 2" ]
}
]
This is very useful in the case where the included file is
auto-generated from some other source, such as an npm lockfile.
Closes: #77
Approved by: alexlarsson
* Add more checksum types for files and archives
Many upstreams don't use sha256, some use even stronger checksums like
sha512, and its nice to be able to use these. Some system uses
weaker checksums, which you can work around by recomputing your own,
but sometimes that is a bit painful, for example when you're
auto-generating flatpak-builder manifests based on some other format
such as npm lock files.
This adds all the checksum types that GChecksum supports in the
glib version we currently use: md5, sha1, sha256, sha512
The function only does I/O, so could fail. Expose failure to the caller
rather than hiding it.
Coverity CID: #208385
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #74
Approved by: alexlarsson
Rather than dropping the error on the floor entirely.
Coverity CID: #208384
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #74
Approved by: alexlarsson
Move the call inside a preprocessor condition so we don’t end up with
two `return` lines.
Coverity CID: #208383
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #74
Approved by: alexlarsson
Modules that say "run-tests": true, will run tests after installation,
unless disabled by --disable-tests.
The tests run by default are make check or ninja test, however you
can control the make/ninja target with test-rule, or supply a list
of commands with test-commands. There is also a test-args argument
in build-options, which you can use to give e.g. network access.
The tests are run with readonly access to the install directory, so
they cannot affect the build results.
Closes: #65
Approved by: alexlarsson
If we're bundling sources we really need to fetch from them because
we want to bundle shallow clones. However, this doesn't work for older
git versions, so pre-emptively fetch those deeply.
Closes: #62
Approved by: alexlarsson
Fetching from shallow clones was added in 1.9.0, so we do deep
clones of submodule repos before that to ensure submodule update
works.
Closes: #62
Approved by: alexlarsson
Older versions of git default to only tags when you do --tags instead
of tags + all. So, we force everything with --tags *:*.
Closes: #62
Approved by: alexlarsson
When pulling the commit we need to also pull the tags so we have them
locally, and then we need to peel the ref when we commit it so that we
don't try to create a ref pointing to a non-commit (tag) object.
Closes: #62
Approved by: alexlarsson
The git 1.8.3.2 release notes say:
* Cloning with "git clone --depth N" while fetch.fsckobjects (or
transfer.fsckobjects) is set to true did not tell the cut-off
points of the shallow history to the process that validates the
objects and the history received, causing the validation to fail.
So, on versions prior to this, we always disable fsck when you're
pulling shallowly. If you need fsck validation, use a newer git.
It turns out older versions of git cannot properly check out a commit
if the ref that points to it was not a normal one (branch or tag).
So, we work around this case by detecting it add adding a fake
tag. Also, we change the fake ref we use for commit-only references
to be a regular branch and not a special one for the same reason.
This fixes https://github.com/flatpak/flatpak/issues/1133Closes: #52
Approved by: alexlarsson
In this case we will exec rather than fork + exec, so we don't
want to use prctl, as that can cause the app to die if any
*thread* in the parent dies (rather then the whole process).
In particular, this caused issues for gnome-builder starting
a newly built flatpak:ed app.
Closes: #51
Approved by: alexlarsson
Some manifest (cx.ring.RingGnome) had a git commit id that
was only tip of a non-branch ref (refs/changes/51/8051/8), which
was not cloned by a regular clone, so we need to switch to
a clone --mirror.
Closes: #50
Approved by: alexlarsson
Previously we chained all the state via the internal sha256
checksum, extracting periodic checksums. We now reset
the checksum for each state and instead feed it the previous
stage checksum to chain things.
This means we have different cache checksum values, but the same
chaining behaviour. The advantage being that the checksum is
re-startable from any point, if we know the parent checksum.
Closes: #49
Approved by: alexlarsson
When downloading a git repo we try to do a shallow (depth=1) fetch of
only the specified target. This normally works fine for branches and
tags, but if the commit is a raw SHA1 then it fails, because we can
only request refs from the remote.
We handle this by doing an ls-remote and seeing if the specified
target is either a (possilby partial) ref, or a commit id that a
remote ref is pointing at. If it is, we pull that ref only. If not,
then we fall back to a full fetch.
I believe this is the best we can do to fix
https://github.com/flatpak/flatpak-builder/issues/6Closes: #47
Approved by: alexlarsson
When doing a shallow clone when bundling git sources we sometimes need
to create a ref in the source repo. This changes the ref used from
refs/heads/flatpak-builder/ref-$REF to refs/flatpak/ref-$REF.
In other words, it uses a custom ref rather than a branch, which has
less chance of conflicting with some existing branch.
Closes: #47
Approved by: alexlarsson
We find these either in the appdata or the metainfo directory.
However, we always move it to the appdata dir with the appdata
extension, because that means older versions of appstream-compose
will always pick it up.
Closes: #44
Approved by: alexlarsson
This uses eu-elfcompress to compress the debuginfo. We use the older
zlib-gnu compression format which is older and has more widespread
support.
Closes: #43
Approved by: alexlarsson
All this does is construct a finish arg, but it makes it a lot nicer
to create extra-data using manifest. Additionally, it allows you to
create per-arch extra data if you set only-arches on the source.
Closes: #40
Approved by: alexlarsson
This lets you modify the project_license field in the appdata file.
This is useful because appdata files from upstream generally only
contain license information for the app itself, whereas the
bundled app may contain other code with additional licenses.
Closes: #41
Approved by: alexlarsson
It seems we have to specify
git fetch --depth 1 origin $ref:$ref
instead of
git fetch --depth 1 origin $ref
because on older versions of git (1.8.3 at least) this otherwise just
sets FETCH_HEAD, rather than $ref in the fetching repo.
There is no need to bundle the entire history in a git repo.
Instead we only bundle shallow versions of all the branches/tags/commit
that we reference.
For directly specified commit ids we can't really shallow-clone those,
so we create fake tags in the mirrored repo.